or distribution vmc on dell emc technical deep dive for ...dl.geekboy.pro:8080/vmworld...

VMC on Dell EMC –Technical Deep Dive

Sridevi RavuriVMware

Emily XuVMware

VMworld 2019 Content: Not for publication or distribution

©2019 VMware, Inc.

Disclaimer

This presentation may contain product features or functionality that are currently under development.

This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.

Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.

Technical feasibility and market demand will affect final delivery.

Pricing and packaging for any new features/functionality/technology discussed or presented, have not been determined.

2

The information in this presentation is for informational purposes only and may not be incorporated into any contract. There is no commitment or obligation to deliver any items presented herein. VMworld 2019 Content: Not for publication or distribution

©2019 VMware, Inc.

Agenda

3

What is VMC on Dell EMC?

Use cases & User Flows

Architecture Review

Support Overview


©2019 VMware, Inc. 4

VMs Containers

Intrinsic Security & Lifecycle Automation

Enterprise Services

Network Compute Storage

Automation & Operations

Data Protection

Back-up

Disaster Recovery

Cloud Bursting

Storage

Cloud FoundationPowered by

• Cloud infrastructure delivered as-a-service on-premises

• Co-engineered and delivered by Dell Technologies; ongoing service fully managed by VMware

• VMware SDDC including compute, storage and networking

• Built on VxRail – Dell EMC’s enterprise-grade cloud platform

• Hybrid control plane to provision and monitor resources

• Subscription model

VMware Cloud on Dell EMC NowAvailable

VMware Cloud



VMC on Dell EMC provides VMware Managed On-Prem Infrastructure

Public CloudPrivate Cloud Edge

On Prem Off Premise

Self Managed Fully Managed

On Prem

Fully Managed

VMC on Dell EMCDatacenter Edge . Co-lo

VMC on AWSVCF, vSphere



VMware Cloud on Dell EMC delivers the best of both clouds

Public Cloud Benefits with Private Cloud Advantages

Single vendor accountability

Locality to apps, data, and critical integrations

Agility and time-to-value

Zero infrastructure management

Regulatory compliance

Predictable costs

Public Cloud On-Premises



Delivering cloud simplicity to the data center and edge

Consumption Model Enables Flexibility

One price covers entire offering –pay upfront or monthly

Choose from 1- or 3-year terms

Add capacity as

demand fluctuates


8©2019 VMware, Inc.

User Flow



Customer Orders VMC on Dell EMC Rack from VMC VMC on Dell EMC Rack is built at Dell Factory using VMC on Dell EMC cloud and deployed at Customer Site by Dell Technicians

VMC on Dell EMC Rack is automatically updated and

monitored from VMware Cloud

Cloud consumption model for edge and data center locations

Fully-Managed On-Premises SDDC as a Service



Login to VMware Cloud Console



VMware Cloud Services Console



Where do you need the SDDC?



Pick a Rack type



Pick an instance type and number of instances



Provide networking details



Connect and Activate SDDC



Use NSX features from portal



Software



Automated maintenance of Hardware and Software



Architecture Overview



VMC on Dell EMC – high level architecture

UPS

UPS

UPS

VMC Cloud Control Plane Velocloud Gateways

VM

C o

n D

ell

EM

C R

acks

at

Cu

sto

me

r S

ite

s



Exact components subject to change

Hardware Tech Specs for VMware Cloud on Dell EMC

Rack Specifications Rack 1 (24U) Rack 2 (42U)

Number of VxRail E560F Nodes 3 5 4 16 (24 future)

Power Distribution 1 x 30-amp via UPS (110v OR 220v)

2 x 30-amp 220v

Top of Rack Switches 2 x 10GbE 2 x 25GbE

Management Switch 1 x 1GbE 48-port

Management SD-WAN 2 x VeloCloud Edge

Resources per Instance Instance G1 Instance G2

CPU Single 20-core, 2.5GHz Dual 24-core

Memory 192GB at 2933MHz 768GB

Storage Capacity 11.5TB Read Intensive SATA SSD (RAW)

30.7TB RAW

Storage Cache 1 x 800GB Mixed Use SAS SSD

2 x 800 GB SAS SSD

Available Now Coming Soon



VMC on Dell EMC Rack @ IA – A closer look

2 Velocloud Edge Nodes for remote mgmt. from cloud

2 ToR Switches for connectivity between servers

1 Mgmt switch for Out of band Mgmt

3-5 VxRAIL Nodes

+1 Spare Capacity Node

Battery backup (UPS) for orderly shutdown during

power outages

UPS

VMC on Dell EMC service is responsible for lifecycle, monitoring and support of all Hardware and SDDC components

SDDC Hardware



Customer gets limited cloudAdmin role –

• can only deploy and edit workload VMs, create resource pools etc

• cannot modify host, mgmt. network or mgmt. VMs

vCenter can be accessed from the cloud, or locally from customer network; No extra DNS setup is required.

Two vSAN datastores –

• one for the management VMs (vsanDatastore)

• one for the workload VMs (WorkloadDatastore).

• Both datastores share the same underlying storage devices and consume from the same pool of free space.

Customer can set vSANpolicies (Failures to tolerate) for workload VMs

Customer can set granular access to vCenter using NSX-Edge

Customer can set granular access to Workload VMs using NSX-Edge

Distributed Firewall

Security Groups (based on IP Address, VM Instance, VM Name, Security Tags)

and more…

VMC on Dell EMC SDDC Overview

vCenter vSAN NSX-T



VMC on Dell EMC works with your existing vSphere environments

Hybrid Linked Model – Allows to connect other on-prem SDDCs to VMC on Dell EMC SDDC and view all inventory in one view

Migrate VMs from one SDDC to other using L2-VPN (NSX) VMworld 2019 Content: Not for publication or distribution


Racks in remote locations are usually left in the open - no physical security



VMC on Dell EMC SDDC

SDDC Security using TPM

vSAN

encrypted with vSAN encryption key

ESX will retrieve encryption keys using TPM, vCenter need not connect to a KMS

VMC Control Plane will generate keys per cluster

Keys are persisted with a key sealed in TPM during setup

Host core dumps, vSANdatastore and ePOP VM are encrypted using keys protected by the TPM

ePOP VM

encrypted using

ePOP encryption key

Workload VMs

vCenter

ESX

Key Cache

(Encrypted with KEK)

HW

TPM ( Stores KEK )

ESX

Key Cache


ESX

Key Cache


HW

TPM ( Stores KEK )

HW

TPM ( Stores KEK )


©2019 VMware, Inc.

VMware Cloud on Dell EMC – Cloud Control Plane

• Multi-tenant micro services• Console for customers, OEM

integrator and operators• Order, provisioning, bringup,

monitoring, LCM, support

VMC on Dell EMC

• Multi-region, and multi-az• Highly available common

services

VMC Common Services

• Identity (AD, MFA, RBAC)• Onboarding• Billing

VMware Cloud

Service Platform

CI/CD Pipelines

Monitoring

Auditing

Per Customer VPC

Per Customer VPC

Per Customer VPC

Customer Isolation

Per SDDC access tokens

Monitoring

Auditing

Velo Velo

Node - 02

Node - 01

UPS

Node - 06

Node - 05

Node - 04

Node - 03

Management

ToR - 02

ToR - 01

Velo Velo

Node - 02

Node - 01

UPS

Node - 06

Node - 05

Node - 04

Node - 03

Management

ToR - 02

ToR - 01

Velo Velo

Node - 02

Node - 01

UPS

Node - 06

Node - 05

Node - 04

Node - 03

Management

ToR - 02

ToR - 01


©2019 VMware, Inc.

Public Cloud

VMC on Dell EMC Private Cloud Managed by VMware Cloud

VMC on Dell EMC Rack

L3 to Customer Network(Static Routing)

SD-WAN (Internet)

Customer Router

Velo Cluster

Customer Network

VMware Cloud Control Plane

AWS ENI

Internet

Customer VPC (VMware Managed)

User

Velo Velo

Node - 02

Node - 01

UPS

Node - 06

Node - 05

Node - 04

Node - 03

Management

ToR - 02

ToR - 01

IPSec Tunnel Secured SD WAN

Private CloudVMworld 2019 Content: Not for publication or distribution

©2019 VMware, Inc.

Secure Access to vCenter from Public Cloud


Site #1 / Rack 1

Cloud Proxy

SRE

Jump Host

Bring Up

Customer VPC

(VMC Managed)

AWS ENI

Lifecycle Management Patching & Upgrade

SRE Remote Access

Remote Monitoring

Internet

Customer Router/FW


Site #1 / Rack 2


Site #2 / Rack 1

VMware Access Proxy

SD-WAN (Internet)

Customer Router/FW

VMware Cloud Control Plane

VMware provides FQDN for vCenter per

SDDC with public IP addressVMware

Managed

Public DNS

IPSec Secured WAN

Elastic Public IP

Customer Network


©2019 VMware, Inc.

Untagged VLAN (Host Mgmt)

VLAN 1 (VSAN)

VLAN 2 (vMotion)

VLAN 3 (VXLAN)

Host Infrastructure Networks

ToR

Customer Access to Dimension SDDC (Using Customer Private Network)

SD WAN GW VLAN 14

VLAN 12

VLAN 11

Layer 3 Connectivity with Customer Network

Data Uplink

Internet

VC Management Network

NSX Management Network

Customer Network User

NSX MgmtAppliances

VLAN 11 is Terminated on SD WAN GW

VLAN 11

VLAN 21

Customer VPC

VMware Managed

Public DNS

VLAN 100

NSX Edge to VC Management Network VLAN 13

NSX-Edge

VLAN 20

ePOP VCSA

To Customer VPC

VLAN 20 VLAN 20

Public FQDN / SDDC Mgmt IP

Ex: acme.vc1.vmwarevmc.com



Highly Available / High Performance Networking

VMC on Dell EMC Rack

Node - 6

Node - 5

Node - 01

…

ToR - 01 ToR - 02

Mgmt Switch

VLT2x 10 Gbpsvmnic Network(IB Mgmt/DATA)

SFP Twin-ax Copper

1x 1GbpsIPMI Network(OOB Mgmt)1G-BaseT Copper

CustomerUpstream

Router - 01

CustomerUpstream

Router - 02

L3 to Upstream NetworkStatic Routing

Velo 520

Velo 520

(Active/Standby)

Customer Router/FW

To Customer VPC

In-Rack Wiring



Shared Responsibility –Multiple players own responsibility of the end to end environment

Customer

Customer Data

Customer Virtual Machines

Networking at SDDC Networking

to data center

Customer applications, access

layer

VMware

VCenter/ESX/vSAN

Infrastructure VMs

Mgmt Network @ SDDC

Cloud Deployment

Access from cloud to SDDC

OEM

Rack Hardware/ Firmware

OEM VMs

AWS (IaaS provider)

Infrastructure for VMC on Dell EMC

cloud service

Availability zones/ regions

Managed by VMware



Support Overview



VMC on Dell EMC Rack - Proactive monitoring of all Hardware and SDDC components



Single point of contact – VMware

Call or Chat with VMware representatives

Hardware Break-fix

• For any issue with SDDC, or hardware, we bring the spare host immediately into the cluster

• SLA 4 hours for server HW fix

• Next business day for any other hardware component in the rack

How to file a ticket / SLAs at IA


or distribution vmc on dell emc technical deep dive for ...dl.geekboy.pro:8080/vmworld...

Documents